Managed Security Services

At CT Group, we have a highly experienced team of security engineers that include strategic consultants and hands-on specialists. They have extensive knowledge and expertise in cybersecurity, making them a mature and highly accredited security team. They can provide a wide range of security solutions and work with some of the best vendors in Australia to design, implement, and maintain tailored security measures to protect your business.

We have conducted numerous security assessments and developed a proven model that can strengthen your organisation's resilience, incident response, and recovery capabilities. By leveraging our expertise and experience, we can help you improve your cyber security posture and protect your business from cyber threats. We offer three Managed Security Packages that allows our clients the level of cyber safety based on their size, specific needs and budget allowance.

All our packages are priced up individually due to most of the products being based on a per user or per device structure, which varies significantly from one business to another.

Basic Security Package

PACKAGE INCLUSIONS
  • EDR (1 Per User With Excess Billed Per Device)
  • RMM (Asset Inventory) (Per Device)
  • Cloud Email And Collaboration Security (Per User)
  • Multi-Factor Authentication (Per User)
  • Device Encryption (Per User)
  • DKIM Deployment
  • Essential 8 Compliant
  • Vulnerability Management (Per Device)
  • Security Awareness Training (Per User)
  • Automated Phishing Simulation (Per User)
  • Dark Web Monitoring (Per User)
  • Security Policy Documentation Templates
  • Annual Security Presentation And Report
  • Managed Detection And Response (Per Device)
  • Security Information And Event Management (SIEM)
  • DNS Filtering (Per User)
  • Password Manager (Per User)
  • DMARC Deployment And Management
  • DLP Deployment For M365 Suite
  • Continuous Microsoft Secure Score Review And Improvements
  • Quarterly Security Presentation And Report
  • Annual External Penetration Testing

Essential Security Package

PACKAGE INCLUSIONS
  • EDR (1 Per User With Excess Billed Per Device)
  • RMM (Asset Inventory) (Per Device)
  • Cloud Email And Collaboration Security (Per User)
  • Multi-Factor Authentication (Per User)
  • Device Encryption (Per User)
  • DKIM Deployment
  • Essential 8 Compliant
  • Vulnerability Management (Per Device)
  • Security Awareness Training (Per User)
  • Automated Phishing Simulation (Per User)
  • Dark Web Monitoring (Per User)
  • Security Policy Documentation Templates
  • Annual Security Presentation And Report
  • Managed Detection And Response (Per Device)
  • Security Information And Event Management (SIEM)
  • DNS Filtering (Per User)
  • Password Manager (Per User)
  • DMARC Deployment And Management
  • DLP Deployment For M365 Suite
  • Continuous Microsoft Secure Score Review And Improvements
  • Quarterly Security Presentation And Report
  • Annual External Penetration Testing

Advanced Security Package

PACKAGE INCLUSIONS
  • EDR (1 Per User With Excess Billed Per Device)
  • RMM (Asset Inventory) (Per Device)
  • Cloud Email And Collaboration Security (Per User)
  • Multi-Factor Authentication (Per User)
  • Device Encryption (Per User)
  • DKIM Deployment
  • Essential 8 Compliant
  • Vulnerability Management (Per Device)
  • Security Awareness Training (Per User)
  • Automated Phishing Simulation (Per User)
  • Dark Web Monitoring (Per User)
  • Security Policy Documentation Templates
  • Annual Security Presentation And Report
  • Managed Detection And Response (Per Device)
  • Security Information And Event Management (SIEM)
  • DNS Filtering (Per User)
  • Password Manager (Per User)
  • DMARC Deployment And Management
  • DLP Deployment For M365 Suite
  • Continuous Microsoft Secure Score Review And Improvements
  • Quarterly Security Presentation And Report
  • Annual External Penetration Testing

Security Package Add Ons

Whilst our Basic and Essential packages don’t include all of the products in the Advance package, we do offer add on products that will allow us to tailor your security solutions to your business needs.

There are two particular add ons that we would recommend: Cyber Awareness Security Training and DNS Filtering.

Cyber threats are evolving at a rapid pace and whilst many organisations are investing heavily in cyber technologies, criminals are recognising that through deceiving staff, they can bypass the most sophisticated defences. By tricking employees through tactics, such as phishing, criminals are proving that a human is the weakest link in security. With our Security Awareness Training, we can provide your staff with the skills to make safer decisions (for themselves and for your organisation) and fortify cyber security from the inside out.

DNS Filtering is becoming a crucial product for businesses that offer hybrid and work from home options for their staff, allowing protection of the actual device they are working from.

Add Ons

Security Awareness Training (Per User)

Bespoke Security Document Template Creation At Request

DNS Filtering (Per User)

Annual External Penetration Testing Conducted By Independent Third-party With Remediation Of Any Findings Undertaken By CT Group Within Two Weeks Of Report Being Received

Managed Detection And Response (Per Device)

Endpoint Detection and Response (EDR) is a cybersecurity approach that focuses on detecting and investigating security incidents on endpoints like desktops, laptops and servers. EDR solutions collect and analyse endpoint data, network traffic, and user behaviour to detect anomalous activities that could indicate a security breach. EDR solutions are designed to provide real-time threat intelligence, automated incident response, and forensic investigation capabilities. EDR tools allow security teams to detect and respond to advanced threats quickly and efficiently, minimizing the risk of data breaches and other cybersecurity incidents.
Our remote monitoring and management tool is essential for visibility of the devices within your network. Our RMM platform is set to run continuous discovery jobs to ensure that an up to date IT asset inventory exists for all devices that can communicate over the network and thus act as a potential source of vulnerability which forms a critical part of your security posture. Our RMM tool is also responsible for the efficient patching of applications and operating systems in the network.
Our API-based cloud email and collaboration security tool uses AI to protect cloud email and collaboration suites from cyber attacks that evade default and advanced security tools. Unlike spam filters, which only protect incoming email, our cloud email and collaboration security tool protects everything, securing email in all directions (internal, external, outgoing). This offers complete protection against all threats, including insider ones.
Multi-factor authentication (MFA) is an essential security measure that helps protect your accounts and data from unauthorized access. MFA provides an additional layer of security by requiring users to verify their identity using two or more factors before granting access to their accounts.

Having MFA in place is crucial in today's digital landscape, where cyber attacks and data breaches are becoming more frequent and sophisticated. With MFA, even if an attacker has your password, they won't be able to access your account without the additional authentication factor.

Where available, CT Group will also configure geo-blocking restrictions in tandem with Multi-Factor Authentication to further harden the authentication process.
Device encryption is a powerful security measure that helps protect your sensitive data in case your device falls into the wrong hands. With device encryption, all the information on your device is scrambled and can only be accessed by someone who has the right password or decryption key. Our device encryption technology ensures that your important data is safe and secure, giving you peace of mind when you’re on the go. It’s an essential security feature for anyone who works with confidential information, from business professionals to students and anyone who wants to keep their personal data secure.
DKIM (DomainKeys Identified Mail) is an essential security tool used to protect email communication. It works by adding a digital signature to each email message, which verifies that the message was sent from a legitimate source and has not been altered during transmission. This is important because without DKIM, malicious individuals can easily impersonate a sender's email address and send fraudulent messages to unsuspecting recipients. DKIM helps to prevent these types of attacks and ensures that email communication remains secure and reliable.
Deploying the ACSC Essential Eight is critical for businesses and organisations that take cybersecurity seriously. The Essential Eight is a set of strategies developed by the Australian Cyber Security Centre (ACSC) that provides a practical framework for mitigating cyber threats and reducing the likelihood of successful cyber attacks.

By deploying the Essential Eight, you can significantly improve your organisation's cybersecurity posture and protect against a range of common cyber threats, including ransomware, phishing, and malware attacks. The Essential Eight comprises eight mitigation strategies that are considered essential for any organisation that wants to strengthen its cybersecurity defences:
  1. Application whitelisting
  2. Patching applications
  3. Configuring Microsoft Office macro settings
  4. User application hardening
  5. Restricting administrative privileges
  6. Patching operating systems
  7. Multi-factor authentication
  8. Daily backups

By implementing these strategies, you can prevent cybercriminals from exploiting known vulnerabilities in your organisation's systems, reduce the risk of unauthorised access, and ensure that your critical data is protected from loss or theft. Deploying the Essential Eight is an essential step towards creating a robust and resilient cybersecurity posture that can help your organisation withstand even the most sophisticated cyber attacks. With our expert guidance, you can implement these strategies quickly and effectively, ensuring that your organisation stays protected from cyber threats at all times.
Vulnerability management is a critical component of any organisation's cybersecurity strategy, as it helps identify, assess, and mitigate security vulnerabilities before they can be exploited by cybercriminals. By regularly scanning and patching vulnerabilities in your systems and applications, you can significantly reduce the risk of cyber attacks and protect your organisation's sensitive data. Vulnerability management also helps you comply with regulatory requirements and industry standards, demonstrating your commitment to cybersecurity best practices and ensuring that your organisation stays one step ahead of emerging threats.
Security awareness training is essential to ensure that employees understand the importance of cybersecurity and their role in protecting their organisation's sensitive information and assets. By educating employees about the latest cyber threats, phishing attacks, and social engineering tactics, organisations can significantly reduce the risk of human error-based security breaches. Security awareness training also helps employees recognize potential threats and respond appropriately, ensuring that cyber incidents are detected and reported promptly. Ultimately, security awareness training is an investment in your organisation's overall cybersecurity posture, as it helps build a culture of security awareness and empowers employees to be active participants in protecting their organisation's data and assets
Phishing simulation is an essential security practice that helps individuals and organisations identify and prevent phishing attacks. Phishing is a type of cyber attack where a fraudster impersonates a trustworthy entity to trick the victim into divulging sensitive information or clicking on a malicious link. Phishing simulation involves sending simulated phishing emails to employees or individuals to test their awareness and response to such attacks. By doing so, organisations can train their employees to recognize and report suspicious emails, ultimately reducing the risk of a successful phishing attack.
Dark web monitoring of user passwords is an essential security measure that helps organisations detect and mitigate potential data breaches originating from the dark web. Cybercriminals often sell or trade stolen user credentials on the dark web, allowing attackers to gain unauthorised access to sensitive information and systems. By monitoring the dark web for mentions of user passwords, organisations can quickly identify potential data breaches and take action to mitigate the risks. Dark web monitoring of user passwords also helps organisations proactively educate employees on the importance of strong password hygiene and implement password policies that require regular changes and the use of complex, unique passwords. Ultimately, dark web monitoring of user passwords is an essential component of any comprehensive cybersecurity strategy, helping organisations protect their sensitive information and assets from the growing threat of cybercrime and data breaches.
CT Group will provide you with the following security-related policy documentation templates for you to update as relevant to your firm to satisfy various compliance requirements.

  1. Information Security Policy
  2. Acceptable Use Policy
  3. Incident Response Plan
  4. Disaster Response Plan
  5. Business Continuity Plan
  6. Password Policy
A member of our security team, alongside your dedicated managed services team leader, will meet with you to provide an updated overview of the security solution, highlighting the goals, objective and scope of each service being provided. It will provide an update on the current threat landscape and detail what security controls are in place to mitigate against it. The results of the risk assessment of the business alongside a specific human risk assessment report will be presented to highlight any areas or particular staff members that require attention or training.